CVE-2017-10685

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code…

mitre·CWE-134·Published 2017-06-29

CVSS

—

EPSS

0.04

KEV

Exploits

cve.orgen

152 chars

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

NVDen

152 chars

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

NVDes

196 chars

En ncurses 6.0, hay una vulnerabilidad de cadena de formato en la función fmt_entry. Se podría realizar un ataque de ejecución remota de código arbitrario con una entrada especialmente manipulada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H